Scenario:
I have a work provided Macbook on Yosemite that I've used for 2 years. All company files are stored in cloud drives, and all company programs are similarly cloud based.
The company does not wipe machines before re-assignment. That is their decision and I will comply by not reformatting.
I will be leaving the company and would like to remove any of my sensitive personal data from the machine.
(I've searched other questions which are either out of date or point to complete reformat. This is not an option. This question is the most analogous, but is for a different operating system version and is almost 2 years old. The upvoted answer references FileVault, which I don't think covers the personal data areas I am concerned with.)
I will follow the above mentioned question and complete these steps:
- Move out all important data
- Delete my old account (and entire home directory)
- Create a new account for the new owner
- Delete unused space in Disk Utility
- Delete Spotlight index
- Delete/var/db/locate.db
I will also follow the deauthorization steps mentioned in this answer.
However, I am concerned about other areas of data (like dropbox settings, synced drives, saved wifi/network information, saved network computers, keychains, saved cellphone mac address from Adobe Edge Inspect etc). That might be stored elsewhere.
My question:
What additional areas of the machine should I be sure to clear, and how can I do so?
Also, is there an Apple-updated guide for this sort of thing, that might stay relevant when AskDifferent questions fall out of usefulness?
Best Answer
You are on the right track. With modern storage, the value of secure wipe is so little, I prefer to just write files over the free space.
If you need help with http://brew.sh to download Rick Astley, please (pretty please) ask that and I'm sure someone can provide a nice script to get some youtube-dl going and then copy the files again and again to fill up space nicely.
Spotlight won't contain anything at that point you care about. If you are paranoid:
Inspect the /var/log folder and
srm
or truncate / delete everything you find.An alternate method would be to use Time Machine to only back up the files you choose to restore and not mess with filling space. For every file you wish to check:
You can build up exclusions to your satisfaction and then make one backup once you've normal deleted all private files that are not excluded by rule. They you're free to wipe everything / fill up everything and then install a totally clean OS and use the migration assistant to migrate back just the company files that you've backed up.
Unless you're going to do this multiple times, it's probably not a big difference in the amount of effort it would require you to implement either of these choices. Pick the strategy that makes more sense to you.